Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RaphBRD
New Contributor

FGT81E - "Mail to SMS" for an SMS OTP solution

Hello,

I want to deploy a Forticlient EMS solution and SMS OTP authentication for SSL VPNs. However, I do not want to go through FortiToken so I would like to rely on the native FGT81E "Mail to SMS" solution and build an internal solution (Mail/Postfix Server to retrieve the "Mail to SMS" from the Forti, implementation instead of a personalized Mail->Script->Curl service to a local SMS provider).

I'm stuck on the "Mail to SMS" configuration on the FGT... I don't receive any but on Postfix.

Have you already used this “Mail to SMS” solution from Forti? If yes, with what email service behind it and what configurations?

Thank you and have a good day.

3 REPLIES 3
AEK
Honored Contributor

Hello Raph

This requires a SMS gateway, which is a paid service. such service should be provided by ISP or mobile network operator (I think Fortinet as well).

AEK
AEK
RaphBRD
New Contributor

Hello AEK,

yes I totally agree!

I already have this service because I use it for another solution (MFA SMS OTP for WiFi).

So I wanted to take advantage of this capability to do SMS OTP on the FGT81F for SSL VPNs. The FGT81F natively offers Mail-To-SMS so I thought it would be simple to set up an email server, script to retrieve the information from this email and send in Curl my request to my SMS provider.

However, I cannot establish the "email link" between the FGT and Postfix...

THX

AEK
Honored Contributor

Hello Raph

I guess you already followed the steps described in the below tech tip.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-SMS-Two-Factor-Authentication-...

 

Now if I understand well your issue you already have a SMS gateway based on Postfix, and FG doesn't establish the "email link" with it.

So what do you mean here? Do you mean you don't receive any mail on Postfix from FG?

If this is a case, did you try at least sniffing on Postfix server to see if any SMTP data is being sent from FG?

Did you check FG related logs or SMTP debug to see if any related error message?

You may try the following while doing the OTP test:

diag debug reset

diag debug application alertmail -1

diag debug enable

AEK
AEK
Labels
Top Kudoed Authors